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| The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 

Period for Reply 

I A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 

j WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

■ - Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 

after SIX (6) MONTHS from the mailing date of this communication. 
! - If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 
! - Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
i Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
j earned patent term adjustment. See 37 CFR 1.704(b). 
i 

Status 

i 

■ 1)S Responsive to communication(s) filed on 19 March 2004 . 
2a)D This action is FINAL. 2b)IEI This action is non-final. 

j 3)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is. 
closed in accordance with the practice under Ex parte Quayle, 1935' CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

l 4)E3 Claim(s) 1-35 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

j 5)D Claim(s) is/are allowed. 

j 6)^ Claim(s) 1-35 is/are rejected, 
j 7)D Claim(s) is/are objected to. 

I 8)D Claim(s) are subject to restriction and/or election requirement. 

I ■ 
Application Papers 

j 9)D The specification is objected to by the Examiner. 

|10)^ The drawing(s) filed on 19 March 2004 is/are: a)K accepted or b)D objected to by the Examiner. 
| Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
:1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

;12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 

] 3.D Copies of the certified copies of the priority documents have been received in this National Stage 

! application from the International Bureau (PCT Rule 17.2(a)). 

j * See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

i 

l * 

j 1. Claims 1-52 are pending. 

Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
i obviousness rejections set forth in this Office action: 

i 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-5, 7, 9-11, 17-21, 23, 25-26, 31-35 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Rindsberg US Patent No. 6,970,565 in view of Herbert et al 
US Patent No. 7,149,901. 

3. With regards to claims 1,17, 31-35, Rindsberg teaches a method of enhancing 
data security, with data to be executed in an electronic device comprising a secure 
execution environment to which access is restricted, (Rindsberg, column 6 lines 20-28) 
the method comprising the steps of verifying, in said secure execution environment, the 
integrity of data to be written into storage (Rindsberg, column 8 lines 19-33, if integrity of 
patch passes), and encrypting, in said secure execution environment (Rindsberg, 
column 8 lines 19-33, encrypting using the unique key) the data by means of said secret 
key (Rindsberg; column 8 lines 19-33, encrypting using the unique key) and writing the 
encrypted data into storage (Rindsberg, column 8 lines 19-33, encrypted patch stored in 

i 

f 
i 

i 
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memory). Rindsberg fails to specifically teach the generating of keys repeatedly. 
However, Herbert teaches generating, in a secure execution environment, a new secret 
key repeatedly and using the new secret key for encryption of files to be stored 
(Herbert, column 3 lines 1-15, random number generator generates new encryption 
keys for storing encrypted pages in secure environment). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize 
Herbert's key generation method with Rindsberg's secure downloading system because 
it offers the advantage of increasing the strength of the encryption by using multiple 
keys with smaller data samples (Herbert, column 4 lines 40-46). 

4. With regards to claims 2, 18, Rindsberg as modified teaches a new secret key is 
generated when the device is booted (Herbert, column 4 lines 20-30, random number 
generator continually generates keying material). 

5. With regards to claims 3, 19, Rindsberg as modified teaches a new secret key is 
generated repeatedly during runtime (Herbert, column 3 lines 1-15, generated for new 
pages). 

6. With regards to claims 4, 20, Rindsberg as modified teaches the data comprises 
program code (Rindsberg, column 7 lines 23-25, patch program). 

7. With regards to claims 5, 21 , Rindsberg as modified teaches storage comprising 
temporary memory (Rindsberg, column 7 lines 41-44, RAM). 

8. With regards to claims 7, 23, Rindsberg as modified teaches authenticating, in 
said secure execution environment, the program code to be written into storage to 
ensure that the program code originates from a trusted program code provider 
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(Rindsberg, column 8 lines 12-19, authenticates that patch came from intended source 
and was received without error). 

9. With regards to claim 9, Rindsberg as modified teaches the step of generating a 
new secret key includes the step of generating a plurality of new secret keys wherein 
each new secret key is used to encrypt a respective subset of the data (Herbert, column 
4 lines 20-30, random number generator continually generates keying material, column 
4 lines 40-46). 

10. With regards to claims 10, 25, Rindsberg as modified teaches calculating, in said 
secure execution environment, integrity data for data to be stored in said storage 
(Herbert, column 3 lines 10-16) and storing the calculated integrity data (Herbert, 
column 3 lines 10-16). 

1 1 . With regards to claims 1 1 , 26, Rinsbert as modified teaches the integrity data 
comprising a message authentication code (Herbert, column 3 lines 10-16, hash). 

12. Claims 6 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Rindsberg US Patent No. 6,970,565 and Herbert et al US Patent No. 7,149,901 as 
applied to claim 1 above, and further in view of Hoskinson US Patent No. 5,455,862. 

13. With regards to claims 6, 22, Rindsberg as modified fails to teach reordering 
address locations of said storage in address space at the time of boot, wherein the 
order of the address locations in address space is altered. However, Hoskinson 
teaches reordering address locations of said storage in address space at the time of 
boot, wherein the order of the address locations in address space is altered (Hoskinson, 
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column 7 lines 1 3-37, at initial loading or program code all logical address are modified): 
At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to utilize Hoskinson's address encryption method with Rindsberg as 
modified because it offers the advantage of preventing an observer from attempting to 
tap into the circuitry to discover the program and code and other data stored in the 
memory (Hoskinson, column 7 lines 31-37). 

14. Claims 8 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Rindsberg US Patent No. 6,970,565 and Herbert et al US Patent No. 7,149,901 as 
applied to claim 1 above, and further in view of Best US Patent No. 4,278,837. 

15. With regards to claims 8 and 24, Rindsberg as modified fails to teach combining 
the address of the location in said storage, to which location the encrypted data is to be 
written, with the new secret key and using the combination of the address and the new 
secret key to encrypt said data wherein the encrypted data becomes associated with 
the address. However, Best teaches combining the address of the location in said 
storage, to which location the encrypted data is to be written, with the new secret key 
(Best, column 14 lines 31-45, uses random number and address) and using the 
combination of the address and the new secret key to encrypt said data wherein the 
encrypted data becomes associated with the address (Best, column 14 lines 31-45). At 
the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to utilize Best's method of encryption with Rindsberg as modified because 
it offers the advantage of helping keep program code secure at all times and remove the 
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need to have unenciphered code ever be used or stored outside the processor 
environment (Best, column 3 lines 1-20). 

16. Claims 12-14, 27-28 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Rindsberg US Patent No. 6,970,565 and Herbert et al US Patent No. 7,149,901 as 
applied to claim 1 1 above, and further in view of Cassagnol et al US Patent No. 
6,438,666. 

17. With regards to claims 12, 27, Rindsberg as modified teaches generated keys as 
noted above, but fails to teach the message authentication code being calculated using 
a secret key. However, Cassagnol teaches a message authentication code being 
calculated by using a secret key (Cassagnol, column 7 lines 39-62). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to 
utilize Cassagnol's method of computing message authentication codes with Rindsberg 
as modified because it offers the advantage of helping ensure that all ensuring that a 
processor only runs valid and authenticated programs (Cassagnol, column 7 lines 39- 
62). 

18. With regards to claim 13, Rindsberg as modified teaches different message 
authentication codes being calculated for different parts of the data by means of 
different new secret keys (Cassagnol, column 7 lines 39-62, Herbert, column 4 lines 20- 
30). 

19. With regards to claims 14, 28, Rindsberg as modified teaches verifying in said 
secure execution environment the correctness of the message authentication code that 
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I 
t 

i is associated with the read data and stopping device operation if said message 

authentication code is different (Cassagnol, column 7 lines 39-62, only allows process 
to decrypt if MAC is verified). 



20. Claims 15-16, 29-30 are rejected under 35 U.S.C. 103(a) as being unpatentable 

i 

over Rindsberg US Patent No. 6,970,565 and Herbert et al US Patent No. 7,149,901 as 

i 

applied to claim 11 above, and further in view of Christie et al US Patent No. 7,130,951. 
j 21 . With regards to claims 15, 29 Rindsberg as modified fails to teach setting a 

i 

process arranged in the electronic device in one of at least two different operating 
J modes and storing protected data relating to the device security in at least one storage 
area of the a storage circuitry wherein the process is given access to said storage area 
in which said protected data is located when a secure processor operating mode is set 
and the processor is denied access to said storage area when a normal processor 
operating mode is set. However, Christie teaches setting a process arranged in the 
i electronic device in one of at least two different operating modes and storing protected 

i 

| data relating to the device security in at least one storage area of the a storage circuitry 

i 

(Christie, column 4 lines 25-51) wherein the process is given access to said storage 
area in which said protected data is located when a secure processor operating mode is 

i 

! set and the processor is denied access to said storage area when a normal processor 
operating mode is set (Christie, column 5 lines 30-51, denied access to trusted memory 
areas, column 3 lines 55-63). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to utilize Christie's method of processor 
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modes because it offers the advantage of decreasing the likelihood of applications 

interfering with each other (Christie, column 1 lines 32-50). 

22. With regards to claims 16, 30, Rindsberg as modified teaches the setting of 

processor modes is performed by protected applications (Rindsberg, column 9 lines 10- 

20). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Andrew Nalven 





